Choose Index below for a list of all words and phrases defined in this glossary.

Data Masking

index | Index

Data Masking - definition(s)

Data Masking - Any process for replacing real data with fake data.

[Category=Data Governance ]

Source: The Data Governance Institute, 26 November 2009 08:57:42, External

These advertisers support this free service

data masking - Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a functional substitute for occasions when the real data is not required.

Although most organizations have stringent security controls in place to protect production data in storage or in business use, sometimes that same data has been used for operations that are less secure. The issue is often compounded if these operations are outsourced and the organization has less control over the environment. In the wake of compliance legislation, most organizations are no longer comfortable exposing real data unnecessarily.

In data masking, the format of data remains the same; only the values are changed. The data may be altered in a number of ways, including encryption, character shuffling, and character or word substitution. Whatever method is chosen, the values must be changed in some way that makes detection or reverse engineering impossible.

Vendors of data masking products include Compuware, dataguise, IBM, Informatica and Oracle.

See also: extract, transform, load (ETL)

Related glossary terms: RSA algorithm, data key, greynet (or graynet), spam cocktail (or anti-spam cocktail), fingerscanning (fingerprint scanning), munging, insider threat, authentication server, defense in depth, nonrepudiation / non-repudiation

[Category=Data Management ]

Source:, 21 July 2013 09:01:04, External

Data Quality Glossary.  A free resource from GRC Data Intelligence. For comments, questions or feedback: